class BookInstancesController < ApplicationController
  
  before_filter :authourize
  
   def authourize
    if ( !User.find_by_id(session[:user_id]) or session[:username]!="admin")
      redirect_to login_url,:notice => "Please log in"
    end
  end
  
  # GET /book_instances
  # GET /book_instances.json
  
  
  def index
    @book_instances = BookInstance.all

    respond_to do |format|
      format.html # index.html.erb
      format.json { render json: @book_instances }
    end
  end

  # GET /book_instances/1
  # GET /book_instances/1.json
  def show
    @book_instance = BookInstance.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.json { render json: @book_instance }
    end
  end

  # GET /book_instances/new
  # GET /book_instances/new.json
  def new
    @book_instance = BookInstance.new

    respond_to do |format|
      format.html # new.html.erb
      format.json { render json: @book_instance }
    end
  end

  # GET /book_instances/1/edit
  def edit
    @book_instance = BookInstance.find(params[:id])
  end

  # POST /book_instances
  # POST /book_instances.json
  def create
    @book_instance = BookInstance.new(params[:book_instance])

    respond_to do |format|
      if @book_instance.save
        format.html { redirect_to @book_instance, notice: 'Book instance was successfully created.' }
        format.json { render json: @book_instance, status: :created, location: @book_instance }
      else
        format.html { render action: "new" }
        format.json { render json: @book_instance.errors, status: :unprocessable_entity }
      end
    end
  end

  # PUT /book_instances/1
  # PUT /book_instances/1.json
  def update
    @book_instance = BookInstance.find(params[:id])

    respond_to do |format|
      if @book_instance.update_attributes(params[:book_instance])
        format.html { redirect_to @book_instance, notice: 'Book instance was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: "edit" }
        format.json { render json: @book_instance.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /book_instances/1
  # DELETE /book_instances/1.json
  def destroy
    @book_instance = BookInstance.find(params[:id])
    @book_instance.destroy

    respond_to do |format|
      format.html { redirect_to book_instances_url }
      format.json { head :no_content }
    end
  end
end
